The approaches described in this section are approaches that could be pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, it should not be assumed that any of the approaches described in this section qualify as prior art merely by virtue of their inclusion in this section.
Enterprise desktop management generally refers to managing, protecting, and distributing the disk contents of a large number of computers in an enterprise such as, for example, a company, an educational institution, or a government or non-government organization. Enterprise desktop management is one of the most challenging Information Technology (IT) tasks for several reasons.
One reason is the complexity of managing a large number of different desktop instances that may exist on enterprise computers. The sheer number of desktops to manage, the proliferation of Operating System (OS) images and applications, the complex set of operations to apply—including deployment and provisioning, upgrades, compliance testing, security patches, troubleshooting—all make the managing of enterprise desktops a very challenging task.
Content protection is another reason that makes enterprise desktop management a challenging task. Desktops are one of the main entry/exit points to/from the enterprise network, and they need to be protected to avoid compromising the security of the enterprise or loss of sensitive documents and data upon computer failure causing violations of compliance regulations.
Another reason that makes enterprise desktop management a challenging task is that nowadays most enterprises are dispersed over multiple geographic locations. The use of Local Area Networks (LANs) that are connected over one or more Wide Area Networks (WANs) with variable bandwidths and latencies is a serious barrier to providing efficient desktop management and tight protection of desktop contents. Further, laptop computers are often offline and thus inaccessible for remote IT management. They are often connected to the enterprise network via Virtual Private Network (VPN) links that have lower bandwidth, higher latency, and lower reliability. They can be used to bypass the enterprise network and to access the Internet directly, thus becoming completely exposed and unprotected. Laptop computers are much more prone to breakage, theft, and loss, and hence their desktop contents require an even stronger data protection as well as the ability to be recovered quickly from a loss of the physical laptop computer.